From 1be3ce89319ac912e83d942eb7a777ea4d92a6fe Mon Sep 17 00:00:00 2001 From: jow Date: Mon, 27 Jul 2015 13:29:08 +0000 Subject: [PATCH] BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197) If the initial attempt at opening the socket connection to the RADIUS server failed due to missing IP connectivity during startup, e.g., with "connect[radius]: Network is unreachable", hostapd did not try to reconnect when RADIUS messages were sent. Instead, it only reported "No authentication server configured" even if the configuration did have a server entry. Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36 ("RADIUS client: Fix server connection recovery after initial failure") Signed-off-by: Jo-Philipp Wich git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46512 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/network/services/hostapd/Makefile | 4 +- .../patches/700-fix-radius-reconnect.patch | 41 +++++++++++++++++++ 2 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 package/network/services/hostapd/patches/700-fix-radius-reconnect.patch diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index 788fd11..af979e8 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2014 OpenWrt.org +# Copyright (C) 2006-2015 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd PKG_VERSION:=2014-06-03.1 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_REV:=84df167554569af8c87f0a8ac1fb508192417d8e PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 diff --git a/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch new file mode 100644 index 0000000..46a4167 --- /dev/null +++ b/package/network/services/hostapd/patches/700-fix-radius-reconnect.patch @@ -0,0 +1,41 @@ +From 94b39e5927e570e6b0fe41d455dde0a361c71c36 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Sat, 28 Feb 2015 11:57:57 +0000 +Subject: RADIUS client: Fix server connection recovery after initial failure + +If the initial attempt at opening the socket connection to the RADIUS +server failed due to missing IP connectivity during startup, e.g., with +"connect[radius]: Network is unreachable", hostapd did not try to +reconnect when RADIUS messages were sent. Instead, it only reported "No +authentication server configured" even if the configuration did have a +server entry. + +This was broken by commit 9ed40766735a9628cc6c936076b175e6f66534bb +('RADIUS client: Do not try to send message without socket') for the +initial case and the more recent fixes in RADIUS server failover cases +did not cover the initial failure case. + +Signed-off-by: Jouni Malinen + +--- a/src/radius/radius_client.c ++++ b/src/radius/radius_client.c +@@ -658,6 +658,9 @@ int radius_client_send(struct radius_cli + } + + if (msg_type == RADIUS_ACCT || msg_type == RADIUS_ACCT_INTERIM) { ++ if (conf->acct_server && radius->acct_sock < 0) ++ radius_client_init_acct(radius); ++ + if (conf->acct_server == NULL || radius->acct_sock < 0) { + hostapd_logger(radius->ctx, NULL, + HOSTAPD_MODULE_RADIUS, +@@ -672,6 +675,9 @@ int radius_client_send(struct radius_cli + s = radius->acct_sock; + conf->acct_server->requests++; + } else { ++ if (conf->auth_server && radius->auth_sock < 0) ++ radius_client_init_auth(radius); ++ + if (conf->auth_server == NULL || radius->auth_sock < 0) { + hostapd_logger(radius->ctx, NULL, + HOSTAPD_MODULE_RADIUS, -- 2.35.1